Skip to content
This repository has been archived by the owner on Jul 24, 2024. It is now read-only.

[orabos] A/B root partitions, Third for persistence #14

Draft
wants to merge 140 commits into
base: orabos
Choose a base branch
from
Draft

[orabos] A/B root partitions, Third for persistence #14

wants to merge 140 commits into from

Commits on Mar 11, 2024

  1. build(deps): bump azure/login from 1.6.1 to 2.0.0 

    Bumps [azure/login](https://github.com/azure/login) from 1.6.1 to 2.0.0.
- [Release notes](https://github.com/azure/login/releases)
- [Commits](Azure/login@cb79c77...8c334a1)

---
updated-dependencies:
- dependency-name: azure/login
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Mar 11, 2024
    Configuration menu
    Copy the full SHA
    8212fae View commit details
    Browse the repository at this point in the history

Commits on Mar 14, 2024

  1. Use packages.gardenlinux.io for release page generation (gardenlinux#… 

    …2041)

This is the new apt repo
    @Vincinator
    Vincinator authored Mar 14, 2024
    Configuration menu
    Copy the full SHA
    08179be View commit details
    Browse the repository at this point in the history

  2. fix: start-vm syntax error, add OVMF 4M files for debian (gardenlinux… 

    …#2042)
    @5kt
    5kt authored Mar 14, 2024
    Configuration menu
    Copy the full SHA
    25cf160 View commit details
    Browse the repository at this point in the history

Commits on Mar 18, 2024

  1. DISA STIG compliance (gardenlinux#1928) 

    Add a feature to make the Garden Linux image as compliant as possible to the [Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide](https://www.stigviewer.com/stig/canonical_ubuntu_20.04_lts/2023-09-08/)

Note that some items in that STIG simply don't apply to Garden Linux, for example it does not contain a GUI or AppArmor.

STIG-specific configuration is encapsulated in the 'stig' feature. To opt in into it, build your image with that feature enabled. Note that this might break other features.

The 'stigDev' feature provides a known user/password and ssh key for the purpose of testing. This feature is only intended for development/testing purposes, not for production.
    @fwilhe
    fwilhe authored Mar 18, 2024
    Configuration menu
    Copy the full SHA
    3c4e697 View commit details
    Browse the repository at this point in the history

  2. Add script to automatically bump SapMachine version (gardenlinux#2043) 

    So far the SapMachine version we include needs to be updated manually.

This PR adds a script to help with that, but the update is still a manual process.

The script finds the latest minor/patch version of a given major version along with the checksums of the tarballs.

Running `update-sapmachine.py` will print out the variables to be used in `exec.config`.
A potential improvement is to edit the `exec.config` script automatically via `update-sapmachine.py`.

We still want the checksum and the exact SapMachine version to be stored in the git repo, so we don't want to hide this by automatically running `update-sapmachine.py` during the build for reproducibility reasons.

Co-authored-by: Vincent Riesop <v.riesop@sap.com>
    @fwilhe @Vincinator
    fwilhe and Vincinator authored Mar 18, 2024
    Configuration menu
    Copy the full SHA
    41d1291 View commit details
    Browse the repository at this point in the history

  3. feat: kmodbuild container (gardenlinux#2045)

    @nkraetzschmar
    nkraetzschmar authored Mar 18, 2024
    Configuration menu
    Copy the full SHA
    2b2c2d7 View commit details
    Browse the repository at this point in the history

Commits on Mar 19, 2024

  1. fix docs: remove references to legacy apt repo (gardenlinux#2012)

    @Vincinator
    Vincinator authored Mar 19, 2024
    Configuration menu
    Copy the full SHA
    f5d2fff View commit details
    Browse the repository at this point in the history

  2. fix: setup after checkout (gardenlinux#2047)

    @Vincinator
    Vincinator authored Mar 19, 2024
    Configuration menu
    Copy the full SHA
    529f68b View commit details
    Browse the repository at this point in the history

  3. Follow up for gardenlinux#985 (gardenlinux#2050)

    @fwilhe
    fwilhe authored Mar 19, 2024
    Configuration menu
    Copy the full SHA
    522cb02 View commit details
    Browse the repository at this point in the history

  4. build(deps): bump boto3 from 1.34.55 to 1.34.65 in /tests (gardenlinu… 

    …x#2046)

Bumps [boto3](https://github.com/boto/boto3) from 1.34.55 to 1.34.65.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.34.55...1.34.65)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 19, 2024
    Configuration menu
    Copy the full SHA
    cddf931 View commit details
    Browse the repository at this point in the history

  5. Remove docker from gardener feature (gardenlinux#2049) 

    * Remove docker from gardener feature

* Remove docker-in-gardener-specific test
    @fwilhe
    fwilhe authored Mar 19, 2024
    Configuration menu
    Copy the full SHA
    6d08af4 View commit details
    Browse the repository at this point in the history

Commits on Mar 20, 2024

  1. Set GH_TOKEN in workflow to use gh cli (gardenlinux#2051)

    @fwilhe
    fwilhe authored Mar 20, 2024
    Configuration menu
    Copy the full SHA
    7e68371 View commit details
    Browse the repository at this point in the history

  2. fix typos in kernel module build publish pipeline (gardenlinux#2052)

    @Vincinator
    Vincinator authored Mar 20, 2024
    Configuration menu
    Copy the full SHA
    d0c9a47 View commit details
    Browse the repository at this point in the history

  3. fix kmnodbuild: link to correct Containerfile (gardenlinux#2053)

    @Vincinator
    Vincinator authored Mar 20, 2024
    Configuration menu
    Copy the full SHA
    1b36af8 View commit details
    Browse the repository at this point in the history

Commits on Mar 23, 2024

  1. feat: add tests for bare flavours

    @nkraetzschmar
    nkraetzschmar committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    2435c2a View commit details
    Browse the repository at this point in the history

Commits on Mar 25, 2024

  1. feat: add gdch platform (gardenlinux#2056)

    @Vincinator
    Vincinator authored Mar 25, 2024
    Configuration menu
    Copy the full SHA
    14a2ee1 View commit details
    Browse the repository at this point in the history

  2. Merge pull request gardenlinux#2057 from gardenlinux/feat/bare_flavou… 

    …rs_tests

feat: add tests for bare flavours
    @nkraetzschmar
    nkraetzschmar authored Mar 25, 2024
    Configuration menu
    Copy the full SHA
    67e1f55 View commit details
    Browse the repository at this point in the history

  3. fix: release page automation - rm package updates section (gardenlinu… 

    …x#2060)

* security update annotations are not tracked in package repository,
but in security tracker and other internal tooling.
* new package pipeline does not contain annotations for CVEs, thus
we need to remove the packages updates section in the release page automation
=> need to include it manually
    @Vincinator
    Vincinator authored Mar 25, 2024
    Configuration menu
    Copy the full SHA
    a84c44a View commit details
    Browse the repository at this point in the history

  4. build(deps): bump actions/cache from 4.0.1 to 4.0.2 

    Bumps [actions/cache](https://github.com/actions/cache) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@ab5e6d0...0c45773)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Mar 25, 2024
    Configuration menu
    Copy the full SHA
    ffd8a4f View commit details
    Browse the repository at this point in the history

Commits on Mar 26, 2024

  1. Merge pull request gardenlinux#2028 from gardenlinux/dependabot/githu… 

    …b_actions/azure/login-2.0.0

build(deps): bump azure/login from 1.6.1 to 2.0.0
    @nkraetzschmar
    nkraetzschmar authored Mar 26, 2024
    Configuration menu
    Copy the full SHA
    0230faf View commit details
    Browse the repository at this point in the history

  2. Merge pull request gardenlinux#2061 from gardenlinux/dependabot/githu… 

    …b_actions/actions/cache-4.0.2

build(deps): bump actions/cache from 4.0.1 to 4.0.2
    @nkraetzschmar
    nkraetzschmar authored Mar 26, 2024
    Configuration menu
    Copy the full SHA
    5e25991 View commit details
    Browse the repository at this point in the history

Commits on Apr 9, 2024

  1. Stop building openstack and vmware for arm64 (gardenlinux#2069) 

    * Stop building openstack and vmware for arm64

Those builds fail because of missing open-vm-tools for arm64.

Disable builds as they have no consumers anyways.

* fix s3 upload
    @fwilhe
    fwilhe authored Apr 9, 2024
    Configuration menu
    Copy the full SHA
    f43dbbf View commit details
    Browse the repository at this point in the history

  2. Improve docs (gardenlinux#2068) 

    * update LICENSE date
* improve readme
* badge showing latest LTS version of Garden Linux
* simple quick start sections: build, test, download
* remove unecessary license badge. we have LICENSE.md file which is commin practise and Github also displays it in UI
* remove toc. README is simple enough.
* add reference to bare container
* add reference to base container
* add reference to nvidia installer
* remove details about integration tests. Details are explained in developer docs. User readind README only needs to know how to test locally and that we test automatically

Co-authored-by: Florian Wilhelm <florian.wilhelm02@sap.com>
    @Vincinator @fwilhe
    Vincinator and fwilhe authored Apr 9, 2024
    Configuration menu
    Copy the full SHA
    dbabc2a View commit details
    Browse the repository at this point in the history

Commits on Apr 12, 2024

  1. Build lima vm images (gardenlinux#2064) 

    This PR introduces a workflow for building disk images and yaml manifest for use with lima-vm. Uploading those build artefacts will be done in a separate PR.

Co-authored-by: Vincent Riesop <v.riesop@sap.com>
    @fwilhe @Vincinator
    fwilhe and Vincinator authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    12f5b0c View commit details
    Browse the repository at this point in the history

  2. build(deps): bump idna from 3.6 to 3.7 in /tests (gardenlinux#2071) 

    Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.6...v3.7)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    73462d6 View commit details
    Browse the repository at this point in the history

  3. build(deps): bump azure-cli from 2.57.0 to 2.59.0 in /tests (gardenli… 

    …nux#2070)

[no ci] Bumps [azure-cli](https://github.com/Azure/azure-cli) from 2.57.0 to 2.59.0.
- [Release notes](https://github.com/Azure/azure-cli/releases)
- [Changelog](https://github.com/Azure/azure-cli/blob/dev/doc/try_new_features_before_release.md)
- [Commits](Azure/azure-cli@azure-cli-2.57.0...azure-cli-2.59.0)

---
updated-dependencies:
- dependency-name: azure-cli
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    03f9fec View commit details
    Browse the repository at this point in the history

  4. build(deps): bump google-auth from 2.28.1 to 2.29.0 in /tests (garden… 

    …linux#2063)

[no ci] Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.28.1 to 2.29.0.
- [Release notes](https://github.com/googleapis/google-auth-library-python/releases)
- [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md)
- [Commits](googleapis/google-auth-library-python@v2.28.1...v2.29.0)

---
updated-dependencies:
- dependency-name: google-auth
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    1d70bbf View commit details
    Browse the repository at this point in the history

  5. build(deps): bump google-cloud-storage from 2.15.0 to 2.16.0 in /tests ( 

    gardenlinux#2062)

[no ci] Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 2.15.0 to 2.16.0.
- [Release notes](https://github.com/googleapis/python-storage/releases)
- [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md)
- [Commits](googleapis/python-storage@v2.15.0...v2.16.0)

---
updated-dependencies:
- dependency-name: google-cloud-storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    0445e7c View commit details
    Browse the repository at this point in the history

  6. build(deps): bump azure-identity from 1.16.0b1 to 1.16.0b2 in /tests (g… 

    …ardenlinux#2029)

[no ci] Bumps [azure-identity](https://github.com/Azure/azure-sdk-for-python) from 1.16.0b1 to 1.16.0b2.
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md)
- [Commits](Azure/azure-sdk-for-python@azure-identity_1.16.0b1...azure-identity_1.16.0b2)

---
updated-dependencies:
- dependency-name: azure-identity
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    e1fd398 View commit details
    Browse the repository at this point in the history

  7. GitHub changelog generation (gardenlinux#1961) 

    * gh: create config for auto changelog generation

* GitHub supports the generation of automatic release notes based on PRs. 
* PRs can be filtered and sorted into categories via PR labels
* more details: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes

* gh: remove unused labels in changelog config
    @Vincinator
    Vincinator authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    aff4992 View commit details
    Browse the repository at this point in the history

  8. add gdch to GitHub action build (gardenlinux#2059) 

    Co-authored-by: nkraetzschmar <9020053+nkraetzschmar@users.noreply.github.com>
    @Vincinator @nkraetzschmar
    Vincinator and nkraetzschmar authored Apr 12, 2024
    Configuration menu
    Copy the full SHA
    adbeb85 View commit details
    Browse the repository at this point in the history

Commits on Apr 15, 2024

  1. fix gdch: add info.yaml 

    * every platform requires an info.yaml.
    @Vincinator
    Vincinator authored Apr 15, 2024
    Configuration menu
    Copy the full SHA
    9458797 View commit details
    Browse the repository at this point in the history

  2. (main branch) fix gdch: exclude systemd-timesyncd in favour of chrony ( 

    …gardenlinux#2074)

* fix gdch: exclude systemd-timesyncd in favour of chrony

* fix gdch: exclude irqbalance
    @Vincinator
    Vincinator authored Apr 15, 2024
    Configuration menu
    Copy the full SHA
    9828f66 View commit details
    Browse the repository at this point in the history

Commits on Apr 16, 2024

  1. build(deps): bump aliyun-python-sdk-core from 2.14.0 to 2.15.1 in /te… 

    …sts (gardenlinux#2076)

Bumps [aliyun-python-sdk-core](https://github.com/aliyun/aliyun-openapi-python-sdk) from 2.14.0 to 2.15.1.
- [Commits](https://github.com/aliyun/aliyun-openapi-python-sdk/commits)

---
updated-dependencies:
- dependency-name: aliyun-python-sdk-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    a2b290c View commit details
    Browse the repository at this point in the history

  2. build(deps): bump azure-storage-blob from 12.19.0 to 12.19.1 in /tests ( 

    gardenlinux#2078)

Bumps [azure-storage-blob](https://github.com/Azure/azure-sdk-for-python) from 12.19.0 to 12.19.1.
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md)
- [Commits](Azure/azure-sdk-for-python@azure-storage-blob_12.19.0...azure-storage-blob_12.19.1)

---
updated-dependencies:
- dependency-name: azure-storage-blob
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    ef0bfb7 View commit details
    Browse the repository at this point in the history

  3. build(deps): bump python-novaclient from 18.5.0 to 18.6.0 in /tests (g… 

    …ardenlinux#2079)

Bumps [python-novaclient](https://docs.openstack.org/python-novaclient/latest) from 18.5.0 to 18.6.0.

---
updated-dependencies:
- dependency-name: python-novaclient
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    90af449 View commit details
    Browse the repository at this point in the history

  4. build(deps): bump azure-identity from 1.16.0b2 to 1.16.0 in /tests (g… 

    …ardenlinux#2080)

Bumps [azure-identity](https://github.com/Azure/azure-sdk-for-python) from 1.16.0b2 to 1.16.0.
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md)
- [Commits](Azure/azure-sdk-for-python@azure-identity_1.16.0b2...azure-identity_1.16.0)

---
updated-dependencies:
- dependency-name: azure-identity
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    92a7be1 View commit details
    Browse the repository at this point in the history

  5. build(deps): bump pytest from 7.4.3 to 8.1.1 in /tests (gardenlinux#2077 

    )

Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.3 to 8.1.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@7.4.3...8.1.1)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 16, 2024
    Configuration menu
    Copy the full SHA
    ebfaa19 View commit details
    Browse the repository at this point in the history

Commits on Apr 17, 2024

  1. tests: add kernel config tests (gardenlinux#1983) 

    * tests: add kernel config tests

Tests for cloud and metal feature. Check if
SGX configs are enabled and check if MAGIC_SYSRQ config is disabled

MAGIC_SYSRQ must be disabled for security audit reasons

* remove old unused kernel config test

* add exact test

* refactor: add rational, arch and key/value tuple

* also change test_kernel_config of metal
    @Vincinator
    Vincinator authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    149b9a5 View commit details
    Browse the repository at this point in the history

  2. fix: start-vm: correctly get homebrew_prefix (gardenlinux#2082)

    @nkraetzschmar
    nkraetzschmar authored Apr 17, 2024
    Configuration menu
    Copy the full SHA
    68fef56 View commit details
    Browse the repository at this point in the history

Commits on Apr 18, 2024

  1. Build with SELinux enabled (gardenlinux#2083) 

    * Build with SELinux enabled

Possible thanks to gardenlinux/builder#73

Tested with podman machine on macos with a new vm that has SELinux enabled

* fix: renamed systemd pcrphase binary

* Use newer builder image

Includes this fix gardenlinux/builder@191279b

---------

Co-authored-by: nkraetzschmar <9020053+nkraetzschmar@users.noreply.github.com>
    @fwilhe @nkraetzschmar
    fwilhe and nkraetzschmar authored Apr 18, 2024
    Configuration menu
    Copy the full SHA
    b96dee2 View commit details
    Browse the repository at this point in the history

Commits on Apr 19, 2024

  1. fix: ensure ali access_key masked in action log (gardenlinux#2084)

    @nkraetzschmar
    nkraetzschmar authored Apr 19, 2024
    Configuration menu
    Copy the full SHA
    49bb659 View commit details
    Browse the repository at this point in the history

Commits on Apr 23, 2024

  1. Add user docs for lima (gardenlinux#2090)

    @fwilhe
    fwilhe authored Apr 23, 2024
    Configuration menu
    Copy the full SHA
    d649809 View commit details
    Browse the repository at this point in the history

Commits on Apr 25, 2024

  1. build(deps): bump boto3 from 1.34.65 to 1.34.89 in /tests (gardenlinu… 

    …x#2089)

Bumps [boto3](https://github.com/boto/boto3) from 1.34.65 to 1.34.89.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.34.65...1.34.89)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 25, 2024
    Configuration menu
    Copy the full SHA
    7e197ed View commit details
    Browse the repository at this point in the history

  2. build(deps): bump pytest from 7.4.3 to 8.1.1 in /tests (gardenlinux#2088 

    )

Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.3 to 8.1.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@7.4.3...8.1.1)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 25, 2024
    Configuration menu
    Copy the full SHA
    266842c View commit details
    Browse the repository at this point in the history

  3. build(deps): bump python-openstackclient from 6.5.0 to 6.6.0 in /tests ( 

    gardenlinux#2087)

Bumps [python-openstackclient](https://docs.openstack.org/python-openstackclient/latest/) from 6.5.0 to 6.6.0.

---
updated-dependencies:
- dependency-name: python-openstackclient
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 25, 2024
    Configuration menu
    Copy the full SHA
    3725f2b View commit details
    Browse the repository at this point in the history

  4. build(deps): bump azure/login from 2.0.0 to 2.1.0 (gardenlinux#2086) 

    Bumps [azure/login](https://github.com/azure/login) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/azure/login/releases)
- [Commits](Azure/login@8c334a1...6b24568)

---
updated-dependencies:
- dependency-name: azure/login
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 25, 2024
    Configuration menu
    Copy the full SHA
    c53556a View commit details
    Browse the repository at this point in the history

Commits on Apr 30, 2024

  1. fix: add workaround for deborphan bug (gardenlinux#2099)

    @nkraetzschmar
    nkraetzschmar authored Apr 30, 2024
    Configuration menu
    Copy the full SHA
    3238cf5 View commit details
    Browse the repository at this point in the history

Commits on May 3, 2024

  1. build(deps): bump pytest from 7.4.3 to 8.2.0 in /tests (gardenlinux#2093 

    )

Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.3 to 8.2.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@7.4.3...8.2.0)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 3, 2024
    Configuration menu
    Copy the full SHA
    aac50f1 View commit details
    Browse the repository at this point in the history

  2. build(deps): bump redhat-plumbers-in-action/differential-shellcheck (g… 

    …ardenlinux#2097)

Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases)
- [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md)
- [Commits](redhat-plumbers-in-action/differential-shellcheck@c150708...52bab0c)

---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/differential-shellcheck
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 3, 2024
    Configuration menu
    Copy the full SHA
    a19c4d4 View commit details
    Browse the repository at this point in the history

  3. build(deps): bump aliyun-python-sdk-ecs in /tests (gardenlinux#2096) 

    Bumps [aliyun-python-sdk-ecs](http://develop.aliyun.com/sdk/python) from 4.24.71 to 4.24.72.

---
updated-dependencies:
- dependency-name: aliyun-python-sdk-ecs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 3, 2024
    Configuration menu
    Copy the full SHA
    978b367 View commit details
    Browse the repository at this point in the history

  4. build(deps): bump boto3 from 1.34.89 to 1.34.94 in /tests (gardenlinu… 

    …x#2095)

Bumps [boto3](https://github.com/boto/boto3) from 1.34.89 to 1.34.94.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.34.89...1.34.94)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 3, 2024
    Configuration menu
    Copy the full SHA
    941f61a View commit details
    Browse the repository at this point in the history

  5. build(deps): bump oss2 from 2.18.4 to 2.18.5 in /tests (gardenlinux#2094 

    )

Bumps [oss2](https://github.com/aliyun/aliyun-oss-python-sdk) from 2.18.4 to 2.18.5.
- [Release notes](https://github.com/aliyun/aliyun-oss-python-sdk/releases)
- [Changelog](https://github.com/aliyun/aliyun-oss-python-sdk/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/aliyun/aliyun-oss-python-sdk/commits)

---
updated-dependencies:
- dependency-name: oss2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 3, 2024
    Configuration menu
    Copy the full SHA
    2be79c7 View commit details
    Browse the repository at this point in the history

  6. Rootless podman feature (gardenlinux#2081) 

    * Rootless podman feature

WIP, currently not building because slirp4netns is missing in repo

* bootstrap unit tests

* fix sed
    @fwilhe
    fwilhe authored May 3, 2024
    Configuration menu
    Copy the full SHA
    2621b46 View commit details
    Browse the repository at this point in the history

  7. fix: PR gardenlinux#2083 (gardenlinux#2098)

    @nkraetzschmar
    nkraetzschmar authored May 3, 2024
    Configuration menu
    Copy the full SHA
    6bd7215 View commit details
    Browse the repository at this point in the history

Commits on May 6, 2024

  1. Update SAPMachine to 21.0.3 (gardenlinux#2102)

    @fwilhe
    fwilhe authored May 6, 2024
    Configuration menu
    Copy the full SHA
    e0d1829 View commit details
    Browse the repository at this point in the history

Commits on May 7, 2024

  1. chore: remove manual local test of non-existing deprecated garden_feat ( 

    gardenlinux#2101)
    @Vincinator
    Vincinator authored May 7, 2024
    Configuration menu
    Copy the full SHA
    eb3b78c View commit details
    Browse the repository at this point in the history

  2. docs: use new builder in oras and oci feature README (gardenlinux#2100)

    @Vincinator
    Vincinator authored May 7, 2024
    Configuration menu
    Copy the full SHA
    9b119ab View commit details
    Browse the repository at this point in the history

Commits on May 8, 2024

  1. Fixes the _readonly build 

    In this commit we imitation the fix[0] for `_secureboot`. Since systemd
255 has renamed the  naming from pcrextend to pcrphase. Without the
build fails:

    building raw image kvm-python_dev_readonly-amd64-today
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] using base fstab: /builder/features/base/fstab
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] modifying fstab with /builder/features/_readonly/fstab.mod
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] ---- fstab ----
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] LABEL=EFI    /efi    vfat    ro,umask=0077    type=uefi,size=128MiB
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] LABEL=USR    /usr         ext4    ro               verity
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] REPART=00    /            ext4    rw               ephemeral
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] ---------------
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] mke2fs 1.47.1-rc2 (01-May-2024)
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Discarding device blocks: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Creating filesystem with 123648 4k blocks and 123648 inodes
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Filesystem UUID: 574aaca1-0e64-d36a-f743-e943b6bbca85
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Superblock backups stored on blocks:
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47]      32768, 98304
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Allocating group tables: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Writing inode tables: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Creating journal (4096 blocks): done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Copying files into the device: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Writing superblocks and filesystem accounting information: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] tune2fs 1.47.1-rc2 (01-May-2024)
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] resize2fs 1.47.1-rc2 (01-May-2024)
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] The filesystem is already 123648 (4k) blocks long.  Nothing to do!
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] resize2fs 1.47.1-rc2 (01-May-2024)
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Resizing the filesystem on /tmp/tmp.NQarjGu1rf to 128000 (4k) blocks.
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] The filesystem on /tmp/tmp.NQarjGu1rf is now 128000 (4k) blocks long.
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:03] /usr 5c3c3ad846e38b5b137e5483134ef1518b67eb4cdee901a2ad80556efc1ffcec  /tmp/tmp.NQarjGu1rf
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] VERITY header information for /tmp/tmp.NQarjGu1rf.verity
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] UUID:                b22d938d-1a08-3803-f9fe-e56a1f5bf88b
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash type:           1
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Data blocks:         128000
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Data block size:     4096
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash blocks:         1009
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash block size:     4096
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash algorithm:      sha256
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Salt:                59cdd7476f7045846a89fb0743b0508cc366b6dfa40a4fc6e3e6e6df095f6ad5
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Root hash:           cf485e037bd039c77ebe06c196f11ca553c49408f8e8d5e461f2f40c7255e392
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash device size:    4136960 [bytes]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] ERROR: ld.so: object 'datefudge.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] /efi ce715d6156ecbde3caf8b52818a27515ae678c1fc3da7167905c7b5c39ae7bdc  /tmp/tmp.FpyBisxA15
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] /usr/bin/dracut: line 1067: /sys/module/firmware_class/parameters/path: No such file or directory
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[I]: Executing: /usr/bin/dracut --no-hostonly --force --kver 6.6.30-cloud-amd64 --modules "bash dash systemd systemd-initrd systemd-veritysetup systemd-repart kernel-modules kernel-modules-extra terminfo udev-rules dracut-systemd base fs-lib shutdown crypt systemd-pcrphase " --install "/etc/veritytab cryptsetup head mkfs.ext4 systemd-escape lsblk" --include /tmp/tmp.uQc9lA1NcJ / --reproducible /tmp/tmp.xSSK9wE6VQ
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[I]: Module 'systemd-pcrphase' will not be installed, because command '/usr/lib/systemd/systemd-pcrphase' could not be found!
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[E]: Module 'systemd-pcrphase' cannot be installed.
    completed in 107 seconds

He also exepcts tpm2 to be preseted now. Hence adding it to the
packages. As of now this fixes the build. I'm unsure if the build will
work correctly. Since it will fail as follows:

    [  OK  ] Reached target initrd-root-device.target - Initrd Root Device.
    [    3.877478] systemd-repart[383]: Automatically determined minimal disk image size as 599.0M, current image size is 584.0M.
    [    3.878989] systemd[1]: systemd-repart.service: Main process exited, code=exited, status=1/FAILURE
    [    3.880320] systemd[1]: systemd-repart.service: Failed with result 'exit-code'.
    [    3.881512] systemd[1]: Failed to start systemd-repart.service - Repartition Root Disk.
    [    3.882701] systemd[1]: Reached target initrd-root-device.target - Initrd Root Device.

But this might be a different issue.
    @Akendo
    Akendo committed May 8, 2024
    Configuration menu
    Copy the full SHA
    8156398 View commit details
    Browse the repository at this point in the history

Commits on May 13, 2024

  1. add hack/enable_inactive_workflows script (gardenlinux#2106) 

    * add hack/enable_inactive_workflows script
* make shellcheck happy
    @nkraetzschmar
    nkraetzschmar authored May 13, 2024
    Configuration menu
    Copy the full SHA
    51017a1 View commit details
    Browse the repository at this point in the history

Commits on May 15, 2024

  1. test: rework umask tests (gardenlinux#2113) 

    What:
- repair `non_gcp` flag for python platform tests
- add a second umask test `test_umask_cmd` (check via `umask`) 
- disable `test_umask` for platform gcp tests (check by reading UMASK value from /etc/login.defs) 

Why we need these tests:
- pam_umask reads the umask value from /etc/login.defs: we need to test /etc/login.defs
- `/root/.bashrc`, `/root/.profile`, ... can overwrite default value from /etc/login.defs
    - ➡️  we need to check via umask cmd in root bash environment

Conclusion: 
- We need both tests. Disabling `/etc/login.defs` for gcp only is only acceptable, because we additionally have chroot tests that still check the file content.
    @Vincinator
    Vincinator authored May 15, 2024
    Configuration menu
    Copy the full SHA
    da7a913 View commit details
    Browse the repository at this point in the history

  2. build(deps): bump redhat-plumbers-in-action/differential-shellcheck (g… 

    …ardenlinux#2103)

Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck) from 5.1.2 to 5.2.0.
- [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases)
- [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md)
- [Commits](redhat-plumbers-in-action/differential-shellcheck@52bab0c...227e162)

---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/differential-shellcheck
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 15, 2024
    Configuration menu
    Copy the full SHA
    928234e View commit details
    Browse the repository at this point in the history

Commits on May 17, 2024

  1. fix: /etc/login.defs permissions

    @nkraetzschmar
    nkraetzschmar committed May 17, 2024
    Configuration menu
    Copy the full SHA
    9ce07cb View commit details
    Browse the repository at this point in the history

  2. Merge pull request gardenlinux#2114 from gardenlinux/fix/test/login.defs 

    fix: /etc/login.defs permissions
    @nkraetzschmar
    nkraetzschmar authored May 17, 2024
    Configuration menu
    Copy the full SHA
    1d9487f View commit details
    Browse the repository at this point in the history

Commits on May 21, 2024

  1. build(deps-dev): bump pylint from 3.1.0 to 3.2.2 in /tests (gardenlin… 

    …ux#2115)

updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 21, 2024
    Configuration menu
    Copy the full SHA
    e7d6a2a View commit details
    Browse the repository at this point in the history

  2. build(deps): bump requests from 2.31.0 to 2.32.0 in /tests (gardenlin… 

    …ux#2120)

updated-dependencies:
- dependency-name: requests
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 21, 2024
    Configuration menu
    Copy the full SHA
    f0336df View commit details
    Browse the repository at this point in the history

  3. build(deps): bump redhat-plumbers-in-action/differential-shellcheck f… 

    …rom 5.2.0 to 5.3.0 (gardenlinux#2118)

updated-dependencies:
- dependency-name: redhat-plumbers-in-action/differential-shellcheck
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 21, 2024
    Configuration menu
    Copy the full SHA
    8cba091 View commit details
    Browse the repository at this point in the history

  4. build(deps): bump google-github-actions/auth from 2.1.2 to 2.1.3 (gar… 

    …denlinux#2119)

updated-dependencies:
- dependency-name: google-github-actions/auth
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 21, 2024
    Configuration menu
    Copy the full SHA
    3c62ae8 View commit details
    Browse the repository at this point in the history

  5. build(deps): bump pytest from 7.4.3 to 8.2.1 in /tests (gardenlinux#2116 

    )

updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 21, 2024
    Configuration menu
    Copy the full SHA
    afe1cea View commit details
    Browse the repository at this point in the history

Commits on May 22, 2024

  1. Include test fgor the _secureboot and _readonly 

    Turns out that the change in dracut isn't stable. The pcrextend is
missing in my latest build, breaking readonly again. Hence, I'll keep
the change here after all.
    @Akendo
    Akendo committed May 22, 2024
    Configuration menu
    Copy the full SHA
    f6df5b5 View commit details
    Browse the repository at this point in the history

  2. Merge pull request gardenlinux#2108 from gardenlinux/fix/rename-syste… 

    …md-pcrextend

In this commit, we copy the fix\[0\] for `_secureboot`. Since systemd 255 has renamed the naming from `pcrextend` to `pcrphase.` Without the build fails:

    building raw image kvm-python_dev_readonly-amd64-today
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] using base fstab: /builder/features/base/fstab
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] modifying fstab with /builder/features/_readonly/fstab.mod
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] ---- fstab ----
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] LABEL=EFI    /efi    vfat    ro,umask=0077    type=uefi,size=128MiB
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] LABEL=USR    /usr         ext4    ro               verity
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] REPART=00    /            ext4    rw               ephemeral
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] ---------------
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] mke2fs 1.47.1-rc2 (01-May-2024)
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Discarding device blocks: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Creating filesystem with 123648 4k blocks and 123648 inodes
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Filesystem UUID: 574aaca1-0e64-d36a-f743-e943b6bbca85
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Superblock backups stored on blocks:
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47]      32768, 98304
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Allocating group tables: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Writing inode tables: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Creating journal (4096 blocks): done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Copying files into the device: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Writing superblocks and filesystem accounting information: done
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] tune2fs 1.47.1-rc2 (01-May-2024)
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] resize2fs 1.47.1-rc2 (01-May-2024)
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] The filesystem is already 123648 (4k) blocks long.  Nothing to do!
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] resize2fs 1.47.1-rc2 (01-May-2024)
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Resizing the filesystem on /tmp/tmp.NQarjGu1rf to 128000 (4k) blocks.
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] The filesystem on /tmp/tmp.NQarjGu1rf is now 128000 (4k) blocks long.
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:03] /usr 5c3c3ad846e38b5b137e5483134ef1518b67eb4cdee901a2ad80556efc1ffcec  /tmp/tmp.NQarjGu1rf
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] VERITY header information for /tmp/tmp.NQarjGu1rf.verity
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] UUID:                b22d938d-1a08-3803-f9fe-e56a1f5bf88b
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash type:           1
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Data blocks:         128000
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Data block size:     4096
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash blocks:         1009
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash block size:     4096
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash algorithm:      sha256
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Salt:                59cdd7476f7045846a89fb0743b0508cc366b6dfa40a4fc6e3e6e6df095f6ad5
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Root hash:           cf485e037bd039c77ebe06c196f11ca553c49408f8e8d5e461f2f40c7255e392
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash device size:    4136960 [bytes]
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] ERROR: ld.so: object 'datefudge.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] /efi ce715d6156ecbde3caf8b52818a27515ae678c1fc3da7167905c7b5c39ae7bdc  /tmp/tmp.FpyBisxA15
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] /usr/bin/dracut: line 1067: /sys/module/firmware_class/parameters/path: No such file or directory
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[I]: Executing: /usr/bin/dracut --no-hostonly --force --kver 6.6.30-cloud-amd64 --modules "bash dash systemd systemd-initrd systemd-veritysetup systemd-repart kernel-modules kernel-modules-extra terminfo udev-rules dracut-systemd base fs-lib shutdown crypt systemd-pcrphase " --install "/etc/veritytab cryptsetup head mkfs.ext4 systemd-escape lsblk" --include /tmp/tmp.uQc9lA1NcJ / --reproducible /tmp/tmp.xSSK9wE6VQ
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[I]: Module 'systemd-pcrphase' will not be installed, because command '/usr/lib/systemd/systemd-pcrphase' could not be found!
    [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[E]: Module 'systemd-pcrphase' cannot be installed.
    completed in 107 seconds

He also expects tpm2 to be present now. Hence, adding it to the packages. Lastly, we check for the `pcrphase` binary and only linking it when it's missing. This should have been fixed upstream, however, there might be a regression.

Fixes: gardenlinux#2108
    @Akendo
    Akendo authored May 22, 2024
    Configuration menu
    Copy the full SHA
    c1ef132 View commit details
    Browse the repository at this point in the history

Commits on May 27, 2024

  1. Add target_commitish parameter to POST release api call (gardenlinux#… 

    …2123)

We were missing the target_commitish parameter which means that github
is using main branch instead.

Docs:
https://docs.github.com/en/rest/releases/releases?apiVersion=2022-11-28#create-a-release
    @fwilhe
    fwilhe authored May 27, 2024
    Configuration menu
    Copy the full SHA
    d2b75f5 View commit details
    Browse the repository at this point in the history

  2. --- (gardenlinux#2117) 

    updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 27, 2024
    Configuration menu
    Copy the full SHA
    29512d5 View commit details
    Browse the repository at this point in the history

  3. build(deps): bump azure-storage-blob from 12.19.1 to 12.20.0 in /tests ( 

    gardenlinux#2110)

Bumps [azure-storage-blob](https://github.com/Azure/azure-sdk-for-python) from 12.19.1 to 12.20.0.
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md)
- [Commits](Azure/azure-sdk-for-python@azure-storage-blob_12.19.1...azure-storage-blob_12.20.0)

---
updated-dependencies:
- dependency-name: azure-storage-blob
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 27, 2024
    Configuration menu
    Copy the full SHA
    7350481 View commit details
    Browse the repository at this point in the history

  4. build(deps): bump azure-cli from 2.59.0 to 2.60.0 in /tests (gardenli… 

    …nux#2104)

Bumps [azure-cli](https://github.com/Azure/azure-cli) from 2.59.0 to 2.60.0.
- [Release notes](https://github.com/Azure/azure-cli/releases)
- [Changelog](https://github.com/Azure/azure-cli/blob/dev/doc/try_new_features_before_release.md)
- [Commits](Azure/azure-cli@azure-cli-2.59.0...azure-cli-2.60.0)

---
updated-dependencies:
- dependency-name: azure-cli
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 27, 2024
    Configuration menu
    Copy the full SHA
    d7e484b View commit details
    Browse the repository at this point in the history

Commits on May 31, 2024

  1. build(deps): bump azure/login from 2.1.0 to 2.1.1 (gardenlinux#2124) 

    Bumps [azure/login](https://github.com/azure/login) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/azure/login/releases)
- [Commits](Azure/login@6b24568...6c25186)

---
updated-dependencies:
- dependency-name: azure/login
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 31, 2024
    Configuration menu
    Copy the full SHA
    8e47a68 View commit details
    Browse the repository at this point in the history

  2. build(deps): bump azure-mgmt-compute from 30.6.0 to 31.0.0 in /tests (g… 

    …ardenlinux#2125)

Bumps [azure-mgmt-compute](https://github.com/Azure/azure-sdk-for-python) from 30.6.0 to 31.0.0.
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md)
- [Commits](Azure/azure-sdk-for-python@azure-mgmt-compute_30.6.0...azure-mgmt-compute_31.0.0)

---
updated-dependencies:
- dependency-name: azure-mgmt-compute
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 31, 2024
    Configuration menu
    Copy the full SHA
    ac67a0f View commit details
    Browse the repository at this point in the history

  3. build(deps): bump google-cloud-compute from 1.17.0 to 1.19.0 in /tests ( 

    gardenlinux#2129)

Bumps [google-cloud-compute](https://github.com/googleapis/google-cloud-python) from 1.17.0 to 1.19.0.
- [Release notes](https://github.com/googleapis/google-cloud-python/releases)
- [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md)
- [Commits](googleapis/google-cloud-python@google-cloud-compute-v1.17.0...google-cloud-compute-v1.19.0)

---
updated-dependencies:
- dependency-name: google-cloud-compute
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 31, 2024
    Configuration menu
    Copy the full SHA
    d97d79b View commit details
    Browse the repository at this point in the history

  4. build(deps): bump azure-mgmt-network from 25.3.0 to 25.4.0 in /tests (g… 

    …ardenlinux#2127)

Bumps [azure-mgmt-network](https://github.com/Azure/azure-sdk-for-python) from 25.3.0 to 25.4.0.
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md)
- [Commits](Azure/azure-sdk-for-python@azure-mgmt-network_25.3.0...azure-mgmt-network_25.4.0)

---
updated-dependencies:
- dependency-name: azure-mgmt-network
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 31, 2024
    Configuration menu
    Copy the full SHA
    a96561c View commit details
    Browse the repository at this point in the history

Commits on Jun 6, 2024

  1. add AWS S3 to China upload step (gardenlinux#2134)

    @MrBatschner
    MrBatschner authored Jun 6, 2024
    Configuration menu
    Copy the full SHA
    b46e3af View commit details
    Browse the repository at this point in the history

Commits on Jun 10, 2024

  1. ORA BOS (Ora Baremetal OS) First dump 

    - Include mlx5 drivers in initramdisk and load it, otherwise we have
  problems with the setup of the bond (NIC isn't known yet)

- Set the DNS on the bond, as cloud-init sets here things up statically,
  and therefore no DHCP info about the DNS
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    bd7ee43 View commit details
    Browse the repository at this point in the history

  2. [orabos] remove selinux for building on concourse

    @notandy @fwiesel
    notandy authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    8121f78 View commit details
    Browse the repository at this point in the history

  3. Delete kubeadm specific config 

    This file overrides the kublet config specifically put
there for gardener, and fails with it being there.
So we rather remove it.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    d85005f View commit details
    Browse the repository at this point in the history

  4. Add B partition for potential A/B setup 

    Simply adding a second root.conf instructs systemd-repart to
create another root parition of equal size.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    9c0b4ab View commit details
    Browse the repository at this point in the history

  5. Install openvswitch from debian stable / backports 

    It isn't part of the gardenlinux repo (yet),
so get it in that way for now.

It's needed for the neutron OVS and the OVN driver.

Also add the loci-users for now. This probably
should be replaced with k8s means to map the users.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    620979c View commit details
    Browse the repository at this point in the history

  6. Pin to debian kernel 

    The gardenlinux kernel crashes currently
with the mlx5 driver.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    aacfee0 View commit details
    Browse the repository at this point in the history

  7. Add iscsi & multipath + config

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    f16c97f View commit details
    Browse the repository at this point in the history

  8. Ensure osvdb connection readable for group 

    The neutron agent will be member of the group openvswitch,
but not the openvswitch user itself.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    7961c4a View commit details
    Browse the repository at this point in the history

  9. Pre-create nova directories 

    This ensures, that they have the right permissions
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    8b03235 View commit details
    Browse the repository at this point in the history

  10. Exclude the secondary partition from auto-mount 

    The kernel can automatically detect the root based
on the GUID value. This marks the second partition as non-auto,
to disambiguate between the two partitions.
(Aside from the fact that the actual root has the label ROOT).
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    fd0ee54 View commit details
    Browse the repository at this point in the history

  11. Disable watchdog 

    This is a bit of a sledge-hammer method, but for now disable
the watchdog, because it kicks in when doing a soft-reboot
or a system kexec call.
Both cut down the reboot time tremendously.
The proper way would be to find out why the watchdog is not
fed in those situations.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    341bd44 View commit details
    Browse the repository at this point in the history

  12. Setup OVS bridge 

    Probably it would be easier to disable cloud-init networking
and to do it completely ourselves, but now I have written it
that way that it starts after cloud-init-local
and before cloud-init (proper) to copy the settings from the bond
to the ovs config.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    8978a56 View commit details
    Browse the repository at this point in the history

  13. Fix group permissions for openvswitch 

    The clients run in the openvswitch group.
We create also a openvswitch user just in case,
as we might want to switch to that instead of root,
like SLES and possibly RHEL do.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    fd31ee9 View commit details
    Browse the repository at this point in the history

  14. Reserve the huge-pages on startup 

    This is rather slow, but it works.
We need to move that earlier somehow, maybe right in the initrd with
an kexec instead of this.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    e3ee88f View commit details
    Browse the repository at this point in the history

  15. We need a chost for gardener, not a khost 

    The khost pulls in the kubelet, but in gardener the gardener-node-agent
manages the kubelet version. And putting one in the image breaks whatever
the agent wants to do.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    eb1d6dd View commit details
    Browse the repository at this point in the history

  16. Remove the link /opt/cni/bin from containerd 

    This conflicts with the calico initcontainer installation script.
It tries to mount the directory, but the link points to a non-existant
directory. So we simply remove it.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    94295ed View commit details
    Browse the repository at this point in the history

  17. Change Orabos type from platform to element 

    There should only be one platform, and that would be for us
openstackbaremetal, we add orabos as an element.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    55bc50c View commit details
    Browse the repository at this point in the history

  18. Put the timestamp into the os release 

    This should help to differentiate between
different today releases.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    a2c3f32 View commit details
    Browse the repository at this point in the history

  19. [orabos] Add ignition

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    4a4160c View commit details
    Browse the repository at this point in the history

  20. [gardenlinux] crude hack to include (overwrite) flatcar ignition

    @notandy @fwiesel
    notandy authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    746a257 View commit details
    Browse the repository at this point in the history

  21. [orabos] Move patched ignition to its own feature 

    It breaks the cloud-init based setup, so we need to move
it to the pipeline and generate two images (for now).
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    6d6ac90 View commit details
    Browse the repository at this point in the history

  22. [ignition] remove duplicated ignite feature, use patched ignition deb

    @notandy @fwiesel
    notandy authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    2789d1c View commit details
    Browse the repository at this point in the history

  23. Revert "[ignition] remove duplicated ignite feature, use patched igni… 

    …tion deb"

This reverts commit 2692585.
    @notandy @fwiesel
    notandy authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    8c46cdd View commit details
    Browse the repository at this point in the history

  24. [ignite] overwrite ignition with patched version

    @notandy @fwiesel
    notandy authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    6d3d699 View commit details
    Browse the repository at this point in the history

  25. [orabos] add jq

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    aee2c42 View commit details
    Browse the repository at this point in the history

  26. [orabos] add conntrack and crictl 

    to fix kubeadm preflight checks
kubeadm.sh[343685]: error execution phase preflight: [preflight] Some fatal errors occurred:
kubeadm.sh[343685]:         [ERROR FileExisting-crictl]: crictl not found in system path
node003-bb274 kubeadm.sh[343685]:         [ERROR FileExisting-conntrack]: conntrack not found in system path
    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    73f95fa View commit details
    Browse the repository at this point in the history

  27. [orabos] add sssd for ldap auth

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    73a7ec0 View commit details
    Browse the repository at this point in the history

  28. disable sssd until pkg issue is resolved

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    938d8a9 View commit details
    Browse the repository at this point in the history

  29. change crictl binary location

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    da8441b View commit details
    Browse the repository at this point in the history

  30. [orabos] Move ignite completely out of orabos

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    7adf2ec View commit details
    Browse the repository at this point in the history

  31. [orabos] Skip ovs setup if there is no cloud-init.yaml 

    We want to provision it via ignition, and then there
is no cloud-init
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    5f59f67 View commit details
    Browse the repository at this point in the history

  32. [ignite] Select platform_id from gardenlinux platform string

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    c43d6dc View commit details
    Browse the repository at this point in the history

  33. [ignite] remove cloud-init from ignite feature

    @notandy @fwiesel
    notandy authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    215478d View commit details
    Browse the repository at this point in the history

  34. testing separate orabosmetal3 feature

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    c7af687 View commit details
    Browse the repository at this point in the history

  35. [orabosmetal3] default cloud.cfg still needed

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    6216c49 View commit details
    Browse the repository at this point in the history

  36. [orabosmetal3] empty cloud.cfg file

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    8cfc6c0 View commit details
    Browse the repository at this point in the history

  37. [ignite[ changes patched ignition location

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    dc2f7af View commit details
    Browse the repository at this point in the history

  38. [orabosmetal3] change cloud.cfg location

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    46f6834 View commit details
    Browse the repository at this point in the history

  39. [ignite] Do not de-install cloud-init, just disable it 

    It breaks the build, and that is easier for now.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    7a8e5f6 View commit details
    Browse the repository at this point in the history

  40. [orabos] Remove downloaded crictl tarball

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    7501c07 View commit details
    Browse the repository at this point in the history

  41. [ignite] Properly include the feature _ignite

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    4043d3c View commit details
    Browse the repository at this point in the history

  42. [orabos] try excluding default network file

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    2e8b361 View commit details
    Browse the repository at this point in the history

  43. [orabos] file.exclude is a file

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    eccf023 View commit details
    Browse the repository at this point in the history

  44. [orabos] rm wait-for-networkd.conf dropin 

    That is leaving systemd-resolved in hanging state even if systemd-networkd.service is up
    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    2cc6d58 View commit details
    Browse the repository at this point in the history

  45. rm temp orabosmetal3 feature

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    f14312e View commit details
    Browse the repository at this point in the history

  46. [orabox] exclude firewall feature 

    is also disabled in gardener feature
conflicts with nodeport services
    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    a9a9527 View commit details
    Browse the repository at this point in the history

  47. [orabos] add nfs-common pkg 

    * for NFS PVs (needed for prometheus)
    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    e97caa8 View commit details
    Browse the repository at this point in the history

  48. [orabos] Also support cloud-init netplan with dhcp 

    The prior one is if you deploy in an external network,
the new one also works in private networks with dhcp.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    81009eb View commit details
    Browse the repository at this point in the history

  49. [orabos] Move hugepages to initram stage 

    Configuring them late in the system setup takes a significant
time, doing so very early via a kexec-reboot should be faster.
Potentially, changing them on-the-fly early enough might
have been enough, but I haven't tested that.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    99a4c7a View commit details
    Browse the repository at this point in the history

  50. [orabos] Setup OVS also over a single interface 

    We expect a bond, but when testing with qemu, there will be only
a single interface. Cover that as well.
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    0e9cfa6 View commit details
    Browse the repository at this point in the history

  51. [orabos] Move script to opt

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    9defe22 View commit details
    Browse the repository at this point in the history

  52. [gardenlinux] Fix console with reset vga on kexec

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    a8bafcf View commit details
    Browse the repository at this point in the history

  53. [orabos] enable sssd feature

    @defo89 @fwiesel
    defo89 authored and fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    d5324a1 View commit details
    Browse the repository at this point in the history

  54. [ignite/metal3] Renamed ignite feature to metal3 

    This gives us a place to collect all changes relevant to metal3
provisioning (as opposed to adding it to orabos).
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    f096a3f View commit details
    Browse the repository at this point in the history

  55. [orabos] Base it on gardener feature instead 

    Presumably that is the feature we want to get closest to
    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    ffc44a8 View commit details
    Browse the repository at this point in the history

  56. [orabos] Undo disabled systemd-repart

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    e527fca View commit details
    Browse the repository at this point in the history

  57. [orabos][metal3] Move crictl to metal3

    @fwiesel
    fwiesel committed Jun 10, 2024
    Configuration menu
    Copy the full SHA
    fc87809 View commit details
    Browse the repository at this point in the history

Commits on Jun 17, 2024

  1. [orabos] limit libvirt-qemu vnc port range to kubernetes node-ports

    @notandy
    notandy committed Jun 17, 2024
    Configuration menu
    Copy the full SHA
    618d769 View commit details
    Browse the repository at this point in the history

Commits on Jun 19, 2024

  1. [orabos] Fix ovsdb permissions race 

    Doing it in the same unit has a race-condition,
as the osdb-server forks of and will create
eventually the socket, and at the same time
the ExecStartPost script is running.
By moving it to its own unit, the script can
wait for the socket and adjust the permissions
without delaying other units.
    @fwiesel
    fwiesel committed Jun 19, 2024
    Configuration menu
    Copy the full SHA
    bb68c1a View commit details
    Browse the repository at this point in the history

  2. [orabos] A/B root partitions, Third for persistence 

    We could either have two completely separate paritions,
and copy things manually around, or this.
Btrfs offers the option create subvolumes for partitioning
the data further up.
Otherwise we would have to statically determine the size
of the home, var, and var/tmp partitions (or at least:
home and var).
Home should be fairly limited, so that would not be an insurmountable
problem.

As the VMs will (eventually) only run with non-local storage, the
partition will only be used for our data, which should be practically
ephemeral, and is only persisted for a faster life-cycle.

Brtfs also would offer us the option to use snapshots for rollback,
partition the paths further, or and makes it easy to add more paths,
in case of need.

This includes the read-only /usr directory, now disabled.
Adding a normal a/b partition doubles the risk of having
chosen the wrong size and having to redeploy from scratch to
repartition it.
    @fwiesel
    fwiesel committed Jun 19, 2024
    Configuration menu
    Copy the full SHA
    d7b5882 View commit details
    Browse the repository at this point in the history